CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.5.1-dev (changelog, source)
Index
Search

Module NosqlInjectionQuery

Provides a taint tracking configuration for reasoning about NoSQL injection vulnerabilities.

Note, for performance reasons: only import this file if NosqlInjection::Configuration is needed, otherwise NosqlInjectionCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.NosqlInjectionQuery

Imports

NosqlInjection
TaintedObject

Provides methods for reasoning about the flow of deeply tainted objects, such as JSON objects parsed from user-controlled data.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

DEPRECATED. Use the NosqlInjectionFlow module instead.

Modules

NosqlInjectionConfig

A taint-tracking configuration for reasoning about SQL-injection vulnerabilities.

Aliases

NosqlInjectionFlow

Taint-tracking for reasoning about SQL-injection vulnerabilities.